Sharing Our GDPR Learnings and Expertise with the Legal and Tech Industries

As you may know, in three weeks the General Data Protection Regulation (GDPR) will be enforced across Europe and will have widespread implications for businesses with global operations, like Taboola.

As we described in an earlier post, we’ve been focused on ensuring that our services comply with the GDPR by May 25, 2018 and providing internet users the highest level of transparency and control when it comes to the use of their data for online advertising.

Since then, we’ve done a lot to prepare for the new regulation, working closely with our publisher, advertiser, and data partners, and collaborating with others in the industry. We’ve also been sharing our knowledge with the adtech and privacy communities in a number of meaningful ways.

We’re highlighting what the legal community needs to know about the GDPR

This April, Julia Morpurgo, Associate Counsel, CIPP/E at Taboola, contributed a legal article to the American Bar Association’s, “What’s in Store” industry publication that focuses on consumer data protection, privacy, and advertising.

Julia’s article, “Easy Conversation about the Most Complicated Areas of the GDPR,” offers readers an overview of the GDPR and an explanation of some of its more difficult concepts such as legitimate interest, automated processing, and the right to be forgotten.

The piece is a helpful resource for attorneys and interested others who don’t specialize in privacy or aren’t particularly familiar with European privacy law.

We’re hosting events to help other tech leaders and legal advisors in the industry.

To provide guidance to our partners in the tech and digital advertising communities, Shelly Paioff, Taboola’s VP of Legal Affairs, CIPP/E, presented in February to 100 technology leaders and lawyers at our office in Tel Aviv.

During the event, Shelly shared ways that tech companies should be thinking about and preparing for the GDPR — like becoming familiar with its legal requirements, fully understanding what personal data your company holds and where it flows, and preparing to receive data subject access requests.

Most importantly, she reminded attendees to think critically and creatively about ways to ensure compliance without sacrificing the needs of their business.

We know the GDPR isn’t an easy change for anyone to tackle, so to help our publishers that could not attend the event, we prepared an easy-to-read GDPR one sheet that outlines ways you can prepare.

We’re doubling down on our role in the privacy industry.

Last spring, Taboola joined the IAB Europe’s GDPR Implementation Group, where we worked closely with others in the industry to develop the newly released IAB Europe Transparency & Consent Framework, which we strongly support. As we are committed to our publishers’ choices regarding GDPR compliance, we are a registered Global Vendor of the Framework, and we will accept and honor consent signals provided by our partners.

Lastly, just this month, Taboola became the newest corporate member of the International Association of Privacy Professionals, (the “IAPP”). While our privacy attorneys have each been longtime individual members and have obtained their privacy certifications from the IAPP, we believe that Taboola’s corporate membership is an important way for us to demonstrate our commitment to global privacy efforts and to continue to learn about and contribute to industry best practices.

We know that the GDPR will be an ongoing discussion well past the May 25, 2018 deadline, and we are committed to continuing to collaborate with our partners and sharing our expertise and learnings as we go.